Maintaining the Server's Certificate List Using SAPGENPSE
Use the tool's commandmaintain_pk to maintain the server's certificate list.
sapgenpse maintain_pk [<additional options>] [-a <cert_file>] [-d <number>] -p <PSE_name> [-x <PIN>]
Where:
Standard Options
| Option | Parameter | Description | Allowed Values | Default |
|---|---|---|---|---|
|
-a |
<cert_file> |
Add certificate from file<cert_file> to the certificate list. |
Path description (in quotation marks, if spaces exist) |
None |
|
-m |
<cert_file> |
Add multiple certificates from<cert_file> to the certificate list. |
Not applicable |
None |
|
-M |
<store> |
Add multiple certificates from the CryptoAPI certificate store to the certificate list. |
ROOT, CA, MY, SPC |
None |
|
-d |
<number> |
Delete certificate number<number> from certificate list. |
Numerical value |
None |
|
-p |
<PSE_name> |
Path and file name for the server's PSE |
Path description (in quotation marks, if spaces exist) |
None |
|
-x |
<PIN> |
PIN that protects the PSE |
Character string |
None |
Additional Options
| Option | Parameter | Description | Allowed Values | Default |
|---|---|---|---|---|
|
-l |
None |
List existing certificate list |
Not applicable |
None |
|
-y |
None |
Automatic YES-mode for-m or-M options. |
Not applicable |
None |
Importing a Certificate into the Application Server's Certificate List
The following command line imports the AGate's certificate from the fileD:\usr\sap\ABC\DVEBMGS28\sec\ABC_AGate.crt into the application server's PSE, which is located at D:\usr\sap\ABC\DVEBMGS28\sec\ABC.pse
sapgenpse maintain_pk -a D:\usr\sap\ABC\DVEBMGS28\sec\ ABC_AGate.crt -p D:\usr\sap\ABC\DVEBMGS28\sec\ABC.pse